new policy on e-mail attachments: PLEASE READ!

Funknet List Admin funkadmn at RUF.RICE.EDU
Fri Jan 24 04:52:54 UTC 2003


Dear Funkneters,

We have just implemented a new (and hopefully temporary) policy on the
Funknet list.  If you send a message to Funknet with an attachment, that
message will be rejected by listserv.

This will not pose a problem for those of you who only post plain text
messages.  However, if you send a message to the list with an attachment
of any kind (including HTML attachments automatically generated by some
e-mail clients), your message will be rejected and you will be notified of
this by listserv.  To post, you will need to set your mail program to send
only plain-text messages to Funknet.  (Read on for information as to why.)

In the past two weeks, some Funknet subscribers have been bothered by
variants of the Klez virus.  Klez is an e-mail worm which affects users of
Microsoft Outlook and Outlook Express.  What makes this virus particularly
annoying is that it propagates itself by creating fake 'from' and 'to'
lines in e-mail messages, and it is often difficult to trace where the
message actually originated.  These fake 'from' and 'to' lines are
generally the addresses of real people who are listed in the Microsoft
addressbook of the infected computer.  So, for example, if a subscriber to
this list has a computer infected with Klez, and has the Funknet address
in their addressbook along with, say, John Smith's e-mail address, the
virus could randomly send itself to John Smith and put Funknet in the
'from' line.  John Smith will think he's just received a virus-infected
message from Funknet, when in fact Funknet had nothing to do with it,
other than happening to be listed in the addressbook of an infected
computer.  Unfortunately, the converse case is also possible--the virus
could send itself to Funknet, with the 'from' line of an actual
subscriber, in which case the listserv program will send it to the list
since it appears to be from a valid list member.

This is unfortunately what happened yesterday with the message which some
of you received that *appeared* to be from Ellen Prince:  someone has both
Ellen's address and Funknet's address in their addressbook, their computer
is infected with Klez, and so the virus created a message to Funknet
seeming to be from Ellen Prince--and listserv distributed it.  Neither
Ellen's computer nor the Funknet server is infected with the virus; it
came from an unknown and unwitting third party.

This virus was particularly rampant in early 2002, and most universities
and ISPs have installed filters to weed out Klez-infected messages before
they reach their recipients.  This is why *most* Funknet subscribers never
even knew this was going on.  There are numerous FAQs available on
antivirus sites about this virus, for those of you who are interested in
more details.

The best way to deal with Klez is to make sure you are using up-to-date
antivirus software.  Not only will this protect your computer from
receiving viruses, but it will also minimize the risk that *your* computer
will transmit a virus to other machines on the net.

The Klez filters have been in place at Rice since early summer, and they
have virtually eliminated instances of this virus on the campus network.
I am currently in touch with the IT people who run the listserv machine,
and they are investigating ways of filtering messages *before* they reach
listserv as well so that no more viruses get transmitted over Funknet or
other e-mail lists.  Meanwhile, a sure-fire way to keep viruses off of the
list is to prohibit messages with e-mail attachments, and we have just set
the list to do so.

I'll send another message to the list when virus filtering software is set
up for the listserv and this is no longer necessary.  If you have
questions or comments about this, or wish to discuss this further, please
reply directly to me at funkadmn at ruf.rice.edu so as not to clutter up the
list with administrative details.

--Robert Englebretson, for the Funknet list administration
funkadmn at ruf.rice.edu
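
The policy in the message above, modeled as an added example (not part of the original post and not listserv's actual configuration): a posting gate that checks list membership by the From header and then rejects any message carrying a part other than inline text/plain. The subscriber address, the function name `gate` and the three sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

SUBSCRIBERS = {"alice@example.org"}  # constructed subscriber list

def gate(raw):
    """Return (accepted, reason). Membership is judged by From, which the sender controls."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if sender not in SUBSCRIBERS:
        return False, "sender is not a subscriber"
    for part in msg.walk():
        if part.is_multipart():
            continue  # container; walk() visits its children
        ctype = part.get_content_type()
        if (ctype != "text/plain" or part.get_filename()
                or part.get_content_disposition() == "attachment"):
            return False, "non-plain-text part: " + ctype
    return True, "accepted"

HEAD = "From: Alice <alice@example.org>\nTo: list@example.org\nSubject: hi\n"
PLAIN = HEAD + "Content-Type: text/plain\n\nHello list.\n"
HTML_ALT = HEAD + """\
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain

Hello list.
--b1
Content-Type: text/html

<p>Hello list.</p>
--b1--
"""
# Constructed forged message: From names a subscriber who did not send it.
FORGED = HEAD + """\
Content-Type: multipart/mixed; boundary="b2"

--b2
Content-Type: text/plain

See attached.
--b2
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="notes.bin"

AAAA
--b2--
"""
```

The forged message passes the subscriber check, since that check only reads the From header, and is stopped by the attachment rule; the HTML copy generated by a mail client is rejected for the same reason.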


